Finish redaction algorithm.

This commit is contained in:
Erik Johnston 2014-11-10 10:21:32 +00:00
parent 07286a73b1
commit 1c06806f90
5 changed files with 33 additions and 25 deletions

View File

@ -86,8 +86,8 @@ class SynapseEvent(JsonEncodedObject):
def __init__(self, raises=True, **kwargs):
super(SynapseEvent, self).__init__(**kwargs)
if "content" in kwargs:
self.check_json(self.content, raises=raises)
# if "content" in kwargs:
# self.check_json(self.content, raises=raises)
def get_content_template(self):
""" Retrieve the JSON template for this event as a dict.

View File

@ -18,24 +18,31 @@ from .room import (
RoomAliasesEvent, RoomCreateEvent,
)
def prune_event(event):
""" Prunes the given event of all keys we don't know about or think could
potentially be dodgy.
""" Returns a pruned version of the given event, which removes all keys we
don't know about or think could potentially be dodgy.
This is used when we "redact" an event. We want to remove all fields that
the user has specified, but we do want to keep necessary information like
type, state_key etc.
"""
return _prune_event_or_pdu(event.type, event)
event_type = event.type
def prune_pdu(pdu):
"""Removes keys that contain unrestricted and non-essential data from a PDU
"""
return _prune_event_or_pdu(pdu.type, pdu)
def _prune_event_or_pdu(event_type, event):
# Remove all extraneous fields.
event.unrecognized_keys = {}
allowed_keys = [
"event_id",
"user_id",
"room_id",
"hashes",
"signatures",
"content",
"type",
"state_key",
"depth",
"prev_events",
"prev_state",
"auth_events",
]
new_content = {}
@ -65,6 +72,12 @@ def _prune_event_or_pdu(event_type, event):
elif event_type == RoomAliasesEvent.TYPE:
add_fields("aliases")
event.content = new_content
allowed_fields = {
k: v
for k, v in event.get_full_dict().items()
if k in allowed_keys
}
return event
allowed_fields["content"] = new_content
return type(event)(**allowed_fields)

View File

@ -55,9 +55,7 @@ def _compute_content_hash(event, hash_algorithm):
def compute_event_reference_hash(event, hash_algorithm=hashlib.sha256):
# FIXME(erikj): GenericEvent!
tmp_event = GenericEvent(**event.get_full_dict())
tmp_event = prune_event(tmp_event)
tmp_event = prune_event(event)
event_json = tmp_event.get_dict()
event_json.pop("signatures", None)
event_json.pop("age_ts", None)
@ -68,8 +66,7 @@ def compute_event_reference_hash(event, hash_algorithm=hashlib.sha256):
def compute_event_signature(event, signature_name, signing_key):
tmp_event = copy.deepcopy(event)
tmp_event = prune_event(tmp_event)
tmp_event = prune_event(event)
redact_json = tmp_event.get_full_dict()
redact_json.pop("signatures", None)
redact_json.pop("age_ts", None)

View File

@ -56,17 +56,15 @@ class Pdu(JsonEncodedObject):
"origin_server_ts",
"type",
"destinations",
"transaction_id",
"prev_events",
"depth",
"content",
"outlier",
"hashes",
"user_id",
"auth_events",
"signatures", # Below this are keys valid only for State Pdus.
"state_key",
"prev_state",
"required_power_level",
"user_id",
]
internal_keys = [

View File

@ -509,7 +509,7 @@ class SQLBaseStore(object):
)
if del_evs:
prune_event(ev)
ev = prune_event(ev)
ev.redacted_because = del_evs[0]
return events